As healthcare systems continue strengthening IT security against cyber attacks and the federal government issues guidance to support their efforts, information is emerging about the most common targets of hackers looking for valuable patient data and other information.
The most frequent exploit in the last three months caught by HP Sure Click was against an older, unpatched memory corruption vulnerability in Microsoft Office, accounting for nearly 75 percent of all exploits in the fourth quarter of 2020, according to a recent threat insights report from HP Bromium as reported by Health IT Security.
CVE-2017-11882, found in Equation Editor, is a memory-corruption vulnerability that can allow an attacker to execute remote code on vulnerable devices after the victim opens a malicious document typically sent in a phishing email. The malicious attachment launches the exploit and provides the ability to deploy further malware. Microsoft has provided a software update to eliminate the risk, but these unpatched systems are leaving the door open to attacks.
A 'Superbug' Is on the Rise in Hospitals
The Next Generation of Security Tech in Healthcare Facilities
Encompass Health Rehabilitation Hospital of St. Petersburg Opens
Why More Facilities are Adding Gender Neutral Restrooms
Massachusetts Hospital Cyberattack Reflects Growing Vulnerability in Healthcare Systems